Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240215-en, locale:en-us, os:windows7-x64, system
  • submitted
    01/06/2024, 20:07

General

  • Target

    8ba018b35337c6591961a60090b13fa1_JaffaCakes118.html

  • Size

    42KB

  • MD5

    8ba018b35337c6591961a60090b13fa1

  • SHA1

    7966f53280b1eb234d0348ca2969e981800607f4

  • SHA256

    d7c9c57ef2dcfa5eb95433d81b27f7a70c5f8bf979f3abe38cf7167afdaa2224

  • SHA512

    9ca70a472d6be7cf9e49767f15d6fa59c3624ef9947a5047eb87516b3cdbd88b25ee7065f0a051adbfe933ebe2e884beac284308a66d6a0befffef0cea9dffc9

  • SSDEEP

    192:uw3Ab5nRWnQjxn5Q/5nQiesNnxunQOkEnt7rnQTbnxnQmSzxYbt9xGCj7R6adPpe:6Q/Joxe7VRoVwq7

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8ba018b35337c6591961a60090b13fa1_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2972
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2972 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2216

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          876b8c902c9196ce68e82e5b168bdf19

          SHA1

          482a6462b210adbbf2946b3eea7810107aaa7d0f

          SHA256

          f86fac58d5d5d72957d62757f71184af087c84c92ed5c7ca38999bd37c0b4dd1

          SHA512

          dffd9f2a9b6c9615d8804b311d2d9206baf093be0d842a3d8fa227bfc1869ec41880fa8314c3b1169acf9ae8bc91ba06b42492de74d87d882d8feb21b68013e8

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          5b09728ac70c7275dc77ac3c8d4f2cc9

          SHA1

          603fe336edad4c33b271762b4933b5507b36a1f7

          SHA256

          b7971198005331601ff5f0f8ce80601b3f16ce0905e093b50a3a7e55f5414a19

          SHA512

          3f5ae181f886c8dd15312ef39244378915946f22dfdb421dcd4948451047c4ec5767783e525c85911d5256f4a855417bf3e1b72fcc34fd2a69e71ad929b650e2

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          2e59002877383b37edac016adbcd76d7

          SHA1

          24ae6523cfce48d64874ac0cb420db7155993985

          SHA256

          37495a38217a4485fbbb2347e247d52a6fe36301c41ac490915fac9c54d558ab

          SHA512

          caec8742794788db66777608166baa3b74be839ed2b7ad35fb6b7f11e5332aa76501904ebe37e5532d8dbd6192b5eb111cf50ab216903a24af834be3ad18c820

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          f8ab83b5a9c06760dcc8180346db43e9

          SHA1

          30b54a34748796962622507c2928d88db9873ce2

          SHA256

          35996889df8e0fbd680263558856fa26a376886b54198f5262e8f4cef6e20e29

          SHA512

          0d90661d9af69c485406e4bc3eaebc51dd48e836bbaebd2e4e2c3f932491798f540a46947d9218894cb956be30c939229f4569211b8d29ea281c2f9467cf8e20

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          c93b39e934862cc4392cb368bd07e5af

          SHA1

          22fecac2cd1448a71d024d171811fe2b9394b4a3

          SHA256

          dfa69ffc375101e8e7e78b46e747e710f5b5c75ce2ae605adc5e6b6befda9d02

          SHA512

          6ab41c837b78ce41db4dd7c6d3cfa19171cc23f5e2c1eff7fccf473c027561602dc0221f6d6013d8def0ca12e1ac8132ed1105233d1dbeb1a3af4d847471bd3b

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          d4d0badee840660e4e6ba428a695ae4e

          SHA1

          902a09a0be530359f6cd6005f1cfe09c3e3b6ad1

          SHA256

          12f88813aefb6a6f36fff97505ae28fcee4200b18d32a236a622047eb8a75235

          SHA512

          28b43aafa210ec34aa30a9b1160d08b935816bc5652e9a1574839d9e4184bd5b0dcb03739f393f5d2d8c91c629486b48f9fef5965dffc4fe3221360d3b00e18c

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          35d17310c9598db24dce50ac77c838bd

          SHA1

          cb7a82acd0b6cc5db2043cc51641d0e784ac5e69

          SHA256

          3ce2ed17fd6a7acd71ef0e7205f26fa7dab8b0e80b23321a29be3c00ad97ef54

          SHA512

          6ab000416f7edc694657c7b3b4a9b58377b6ff2860515c99a524abdca1cb2d6efc5d76845ba392a2335a3eac495e02d5e1a06feaa21b50a73de2083ee29c6411

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          dd5df47cc5df3c3bd3e1a40de6258bf7

          SHA1

          753ff87c2c314e0b8844c9633cddd2b64f5e8221

          SHA256

          740ebe525e672119f06e44dca424f5228b2d93e9d11747cd5f239edd2edf7512

          SHA512

          8965819afa035f2207f1786cb41d022802984c87bbd7bd92cc1d5c959aefa5b9d0a8a40040877667745e3d9ff28f0db75ca32a5d517022b0a8c2c34178836723

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          37c0c686bcf9dfb934499e1ebabb6b0d

          SHA1

          82386315db7e81f8ad2b152ff3c3fce7215b1cf0

          SHA256

          6318e4ed04694639582e9431573f48e9fe58e6461366f5ac6d1c2eeca68e6530

          SHA512

          a29769b5f53d350d6cc1cc6dcb392ecf22ea7f713b7276e25819a91e2343112f53d49084a81d608ce81b72bf7f36b085e6d1cc326ad5c7891230ce0e23692170

        • C:\Users\Admin\AppData\Local\Temp\CabA6E.tmp

          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

        • C:\Users\Admin\AppData\Local\Temp\CabB4B.tmp

          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

        • C:\Users\Admin\AppData\Local\Temp\TarB5F.tmp

          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b